WazirX, a leading Indian cryptocurrency exchange catering primarily to the domestic market, suffered a major security breach on July 18th, 2024. Hackers managed to siphon off more than $234.74 million worth of crypto assets in over 190 different tokens.
UwU Lend, a decentralized finance (DeFi) platform, suffered a security exploit on June 10th, resulting in a loss of more than $18.89 million on the Ethereum blockchain. UwU Lend is a platform for cryptocurrency users to earn and borrow digital assets. Unlike traditional banks, it doesn't hold onto your funds (non-custodial). Users can participate as depositors, borrowers, or LP stakers. Depositors provide liquidity to the market to earn a passive income, while borrowers can borrow in an overcollateralized fashion. LP stakers provide liquidity and receive a revenue share when staking their LP tokens.
Velocore, a decentralized exchange that operates on the Telos, zkSync Era, and Linea blockchains, was exploited on the 2nd of June, 2024. Hackers targeted vulnerabilities in Velocore's smart contracts that were responsible for managing liquidity pools.
Pike Finance, a platform designed to simplify borrowing and lending digital assets across different blockchains, fell victim to a series of attacks in April 2024. Pike Finance allowed users to interact with their crypto directly on their native blockchains, eliminating the need for a complex "wrapping" process. This innovative approach aimed to streamline DeFi experiences.
On March 28th, Prisma Finance, a decentralized lending platform, experienced a flashloan attack that led to a significant loss of $12.6 million. The attack exploited a vulnerability within the smart contract code, particularly within the "MigrateTroveZap" contracts responsible for migrating user positions between different trove managers.
CurioDAO is a multichain platform focused on real-world asset tokenization, enhancing liquidity through various mechanisms such as stablecoins, a launchpad, and Automated Market Makers.
The platform is governed by the Curio Governance Token (CGT), allowing holders to participate in decision-making processes related to the Curio Creator Protocol.
On the 23rd of March 2024, a vulnerability in the voting power privilege access control was exploited, leading to a significant security breach. The attacker gained access to Curio Governance (CGT) tokens, allowing them to increase their voting power within the project's smart contract. With this elevated voting power, the attackers were able to execute the unauthorized minting of a large quantity of CGT tokens.
